CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

author	Mark Johnston <markj@FreeBSD.org>
	Tue, 13 Apr 2021 20:30:05 +0000 (16:30 -0400)
committer	Mark Johnston <markj@FreeBSD.org>
	Tue, 13 Apr 2021 21:42:20 +0000 (17:42 -0400)
commit	6faf45b34b14da5f138774b43ec14fb5567ac584
tree	bdeee1cfa2406e8c4454fb694c368c3503d805df	tree \| snapshot
parent	38da497a4dfcf1979c8c2b0e9f3fa0564035c147	commit \| diff

amd64: Implement a KASAN shadow map

The idea behind KASAN is to use a region of memory to track the validity
of buffers in the kernel map.  This region is the shadow map.  The
compiler inserts calls to the KASAN runtime for every emitted load
and store, and the runtime uses the shadow map to decide whether the
access is valid.  Various kernel allocators call kasan_mark() to update
the shadow map.

Since the shadow map tracks only accesses to the kernel map, accesses to
other kernel maps are not validated by KASAN.  UMA_MD_SMALL_ALLOC is
disabled when KASAN is configured to reduce usage of the direct map.
Currently we have no mechanism to completely eliminate uses of the
direct map, so KASAN's coverage is not comprehensive.

The shadow map uses one byte per eight bytes in the kernel map.  In
pmap_bootstrap() we create an initial set of page tables for the kernel
and preloaded data.

When pmap_growkernel() is called, we call kasan_shadow_map() to extend
the shadow map.  kasan_shadow_map() uses pmap_kasan_enter() to allocate
memory for the shadow region and map it.

Reviewed by: kib
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D29417

sys/amd64/amd64/pmap.c		diff \| blob \| history
sys/amd64/include/asan.h	[new file with mode: 0644]	blob
sys/amd64/include/pmap.h		diff \| blob \| history
sys/amd64/include/vmparam.h		diff \| blob \| history
sys/kern/kern_malloc.c		diff \| blob \| history
sys/kern/vfs_bio.c		diff \| blob \| history